summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* krb5_do_preauth_tryagain should check for NULL padataAlexandra Ellwood2008-06-251-1/+4
| | | | | | | | | | Fixed so krb5_do_preauth_tryagain no longer crashes on NULL padata but instead returns an error. ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20473 dc483132-0cff-0310-8789-dd5450dbe970
* kadm5_setkey_principal_3 not copying key_data_ver and key_data_kvnoAlexandra Ellwood2008-06-251-0/+2
| | | | | | | | | Added lines to copy these fields. ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20472 dc483132-0cff-0310-8789-dd5450dbe970
* Add new launchd flags to CCacheServer plist fileAlexandra Ellwood2008-06-251-0/+9
| | | | | | | | | | | | | | | | Added LimitLoadToSessionType "Background" to launch the CCacheServer once per user rather than only for GUI sessions. Added ThrottleInterval key to allow the CCacheServer to relaunch frequently. Set CFFIXED_USER_HOME environment variable to prevent the CCacheServer from accessing the user's home directory. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20471 dc483132-0cff-0310-8789-dd5450dbe970
* Bump minor version number. Update dependenciesKen Raeburn2008-06-251-1/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20470 dc483132-0cff-0310-8789-dd5450dbe970
* kdb library now depends on gssrpc; add it to link commandsKen Raeburn2008-06-251-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20469 dc483132-0cff-0310-8789-dd5450dbe970
* Pull in xdr_sizeof from tirpc2.3 (which has the same license as our current ↵Ken Raeburn2008-06-255-0/+171
| | | | | | rpc code) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20468 dc483132-0cff-0310-8789-dd5450dbe970
* Include kdb_log.h for missing prototypes. Declare conv_princ_2db &Ezra Peisach2008-06-241-2/+3
| | | | | | conv_princ_2ulog as static as they are not exported or used outside this file. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20466 dc483132-0cff-0310-8789-dd5450dbe970
* Merge from branch sun-ipropKen Raeburn2008-06-2448-188/+5843
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20465 dc483132-0cff-0310-8789-dd5450dbe970
* Suppress some glibc issues found on x86_64Ken Raeburn2008-06-201-0/+69
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20445 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unused fileKen Raeburn2008-06-201-86/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20434 dc483132-0cff-0310-8789-dd5450dbe970
* Remove test115 for 'bad client params', no longer appropriateKen Raeburn2008-06-191-104/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20429 dc483132-0cff-0310-8789-dd5450dbe970
* This patch is derived from a patch originally submitted to RTJeffrey Altman2008-06-182-2/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | by: Nik Conwell <nik@bu.edu> krb5_set_real_time() accepts as input the time of the KDC or an application server as a combination of seconds and microseconds. Often it is the case that the time source does not provide the real time with less than one second granularity. Up until this patch such a caller would fill in the microseconds parameter as zero. krb5_set_real_time() would treat the zero microseconds as the actual reported time and compute a microsecond based offset. During a one second window subsequent calls to krb5_set_real_time() would have an ever increasing offset size until the number of seconds is incremented. This in turn produces a side effect in which the microseconds value of the local clock is effectively erased. If there are multiple processes or threads on the same machine each requesting service tickets using the same client principal for the same service principal where the number of seconds reported by the KDC are equivalent, then they will now all create authenticators with exactly the same timestamp. As a result, the authenticating service will detect a replay attack even though the authenticators are actually unique. The replay cache only maintains a tuple of client, server and timestamp. This patch modifies the interpretation of the microseconds parameter. If -1 is specified, the microseconds offset is ignored. ticket: 5924 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20413 dc483132-0cff-0310-8789-dd5450dbe970
* Disable check for invalid client-side admin config parameters in theKen Raeburn2008-06-181-1/+5
| | | | | | | config file. Since KDC configuration parameters can now be put in krb5.conf, this doesn't make sense any more. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20411 dc483132-0cff-0310-8789-dd5450dbe970
* cci_credentials_iterator_release using wrong message IDAlexandra Ellwood2008-06-181-1/+1
| | | | | | ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20410 dc483132-0cff-0310-8789-dd5450dbe970
* Factor out repeated code for looking up string, port, or deltat config paramsKen Raeburn2008-06-111-150/+144
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20395 dc483132-0cff-0310-8789-dd5450dbe970
* Don't build spx.o, since we never enable SPXKen Raeburn2008-06-111-4/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20392 dc483132-0cff-0310-8789-dd5450dbe970
* New target 'undepend' for temporarily removing generated dependency infoKen Raeburn2008-06-111-1/+16
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20390 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use private copy of syslog.h. Rebuild dependenciesKen Raeburn2008-06-1013-192/+69
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20386 dc483132-0cff-0310-8789-dd5450dbe970
* Warn against new uses of kadm5_config_params.dbname fieldKen Raeburn2008-06-101-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20384 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of handling of set-but-unused kadm5_config_params.admin_dbnameKen Raeburn2008-06-104-19/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20383 dc483132-0cff-0310-8789-dd5450dbe970
* Remove documentation for no-longer-supported admin_dbname argumentKen Raeburn2008-06-101-6/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20382 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of handling of set-but-unused kadm5_config_params.admin_lockfileKen Raeburn2008-06-104-16/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20381 dc483132-0cff-0310-8789-dd5450dbe970
* Don't check for NULL before calling free or krb5_xfreeKen Raeburn2008-06-091-43/+21
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20379 dc483132-0cff-0310-8789-dd5450dbe970
* Report file name in detailed cache creation errorKen Raeburn2008-06-081-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20371 dc483132-0cff-0310-8789-dd5450dbe970
* Do hash stuff with unsigned mathKen Raeburn2008-06-081-8/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20370 dc483132-0cff-0310-8789-dd5450dbe970
* Annotate that 'protocol' in svc_register means an IPPROTO_ valueKen Raeburn2008-06-061-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20367 dc483132-0cff-0310-8789-dd5450dbe970
* On Mac OS X, try poking launchd to get the portmapper launched beforeKen Raeburn2008-06-061-3/+55
| | | | | | we try to connect to it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20364 dc483132-0cff-0310-8789-dd5450dbe970
* Check for GSS_C_NO_CREDENTIAL before loop checkKen Raeburn2008-06-061-3/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20363 dc483132-0cff-0310-8789-dd5450dbe970
* We're not using this makedepend implementation any moreKen Raeburn2008-06-0410-3026/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20362 dc483132-0cff-0310-8789-dd5450dbe970
* Revert a few const specs to reduce warningsKen Raeburn2008-06-031-5/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20358 dc483132-0cff-0310-8789-dd5450dbe970
* Fix various minor format-string issuesKen Raeburn2008-06-037-22/+25
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20356 dc483132-0cff-0310-8789-dd5450dbe970
* Passing 0 to krb5_build_principal requires a castKen Raeburn2008-06-031-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20355 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use 'log' as a global variable nameKen Raeburn2008-06-021-40/+40
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20354 dc483132-0cff-0310-8789-dd5450dbe970
* Explicitly note number as unsigned to shut gcc upKen Raeburn2008-06-021-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20353 dc483132-0cff-0310-8789-dd5450dbe970
* Partial const-ification, as indicated by the modern Tcl API, exceptKen Raeburn2008-06-022-93/+104
| | | | | | for any bits that would require changing the admin APIs. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20352 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a few incompatible-pointer warnings that aren't just about signednessKen Raeburn2008-06-025-13/+17
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20351 dc483132-0cff-0310-8789-dd5450dbe970
* Change krb5_context.db_context to point to the real structure type,Ken Raeburn2008-06-0216-142/+142
| | | | | | | | and change uses to not cast all the time. Also rename it from db_context to dal_handle, since one of the fields in the pointed-to structure is also called db_context. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20348 dc483132-0cff-0310-8789-dd5450dbe970
* Add header for kill() in USE_PASSWORD_SERVER caseAlexandra Ellwood2008-05-301-0/+2
| | | | | | ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20347 dc483132-0cff-0310-8789-dd5450dbe970
* Apple PKINIT patch commitAlexandra Ellwood2008-05-3020-10/+4912
| | | | | | | | | | | | | Commit of Apple PKINIT patches under "APPLE_PKINIT" preprocessor symbol. Long term goal is to merge these patches with the pkinit preauth plugin which does not currently have support for Mac OS X crypto libraries or the exported functions used by Back To My Mac. ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20346 dc483132-0cff-0310-8789-dd5450dbe970
* No prototype when building kdb5_util without krb4 supportAlexandra Ellwood2008-05-301-1/+2
| | | | | | | | | Move stdio inclusion to the top of the file so there is a definition of printf when building without v4 support. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20345 dc483132-0cff-0310-8789-dd5450dbe970
* Warnings in server_stubs.c (signed vs unsigned errmsg, gcc printf)Alexandra Ellwood2008-05-301-39/+44
| | | | | | | | | | | | | | | | server_stubs.c uses char * for error messages which it gets from com_err, throwing away the constness of the com_err output. Made error message args be const char * to remove warnings and prevent accidental modification of com_err strings. In calls to krb5_klog_syslog server_stubs.c passes void* into %s printf formats and passes size_ts in for the field widths in %.*s formats. After verifying that the size_ts cannot be bigger than ints (which is ensured by trunc_name) added casts to remove spurious warnings. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20344 dc483132-0cff-0310-8789-dd5450dbe970
* signed vs unsigned char * warnings in kdb_xdr.cAlexandra Ellwood2008-05-301-6/+6
| | | | | | | | | | | load and store functions in k5-platform.h take an unsigned char *, whereas kdb_xdr.c was using a char * for decoding. This resulted in pages of warnings in the parsing code. Switched to using an unsigned char * and cast in the couple places where a char * is needed. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20343 dc483132-0cff-0310-8789-dd5450dbe970
* Profile library should not call rw_access earlier than neededAlexandra Ellwood2008-05-273-9/+20
| | | | | | | | | | Call rw_access lazily so we only call access just before we need to write to the file to avoid calling access as often. Deprecated bit in profile structures to track writability. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20341 dc483132-0cff-0310-8789-dd5450dbe970
* Use $(DL_LIB) instead of explicit -ldlKen Raeburn2008-05-191-1/+1
| | | | | | ticket: 5899 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20325 dc483132-0cff-0310-8789-dd5450dbe970
* Force hostname to lowercase before constructing kadmin principal name.Ken Raeburn2008-05-171-2/+22
| | | | | | | | Allocate space for the name dynamically. ticket: 5943 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20323 dc483132-0cff-0310-8789-dd5450dbe970
* Minor spelling & comment formattingKen Raeburn2008-05-161-13/+19
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20322 dc483132-0cff-0310-8789-dd5450dbe970
* Move auto var to outer scope, because its storage is used beyond the inner scopeKen Raeburn2008-05-151-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20320 dc483132-0cff-0310-8789-dd5450dbe970
* Don't test error code when it's known to be 0Ken Raeburn2008-05-151-3/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20319 dc483132-0cff-0310-8789-dd5450dbe970
* Fix minor bug in kg_save_name failure cleanup codeKen Raeburn2008-05-151-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20318 dc483132-0cff-0310-8789-dd5450dbe970
* Free context after use, not beforeKen Raeburn2008-05-151-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20317 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-15 05:59:03 +0000